WP Activity Log

Monitor activity on your WordPress sites and get clear insights into what's happening with detailed user and event logging. Keep WordPress logs of everything that happens on your sites and multisite networks with WP Activity Log instantly, without writing a line of code.

• Easily detect suspicious activity on your WordPress site before it escalates
• Record failed login attempts to detect potential security breaches and strengthen site protection
• Track user logins and logouts to ensure SLAs are consistently met
• Monitor user activity and productivity to boost accountability
• Know exactly what all your users are doing in real time
• Know what happened before an outage for faster, easier troubleshooting
• Ensure compliance with regulations and standards like GDPR and PCI DSS
• Better manage & organize your site and users for smoother operations
• Simple setup ensures you start benefiting quickly and easily

WP Activity Log is a complete logging solution, helping hundreds of thousands of administrators and security professionals track changes on their websites thanks to real-time user activity monitoring. 💎 Need more extensive features? Unlock advanced reporting, exports/mirroring, session management, and real-time alerts with WP Activity Log premium or enterprise. [youtube https://www.youtube.com/watch?v=pgFEMIvKFTA] What WordPress changes WP Activity Log tracks A website activity log is important for improving troubleshooting, compliance, user management, and security. Get WP Activity Log and keep track of events on your site. The log not only tells you that a post, a user profile, or an object was updated, it also lets you know exactly what changed, when, and includes a user log (by whom), so you always have the information you need. Below is a summary of the changes that the plugin can keep a record of:

• Post, page, and custom post type changes: Status, content changes, title, URL, custom field, and other metadata changes
• Tags and category changes: Creating, modifying, deleting, and adding/removing them from posts
• Widget and menu changes: Creating, modifying, or deleting them
• User changes: User created or registered, deleted, or added to a site on multisite network
• User profile changes: Password, email, display name, and role changes
• Access logging: User login, logout, failed logins, and terminating other sessions
• WordPress core and settings changes: Installed updates, permalinks, default role, URL, and other site-wide changes
• WordPress multisite network changes: Adding, deleting, or archiving sites, adding or removing users from sites, etc.
• Plugin and Theme changes: Installing, activating, deactivating, uninstalling, and updating
• WordPress database changes: When a plugin adds or removes a table
• Third-party plugin changes: WooCommerce Stores & products, Yoast SEO, RankMath, Termly, WPForms, Gravity Forms, Advanced Custom Fields (ACF), MainWP, ManageWP, WP Umbrella, and other popular WordPress plugins
• WordPress site file changes: New files added, or existing files modified or deleted.

Event details recorded Detailed event logging ensures that for every event that the plugin records, it reports the: * Date & time (and milliseconds) of when it happened * User & role of the user who did the change * Source IP address from where the change happened * The object on which the change has taken place Refer to WordPress activity log event IDs for a complete list of all the changes WP Activity Log can keep a record of and a detailed explanation of what change every event ID represents. 💎 Upgrade to WP Activity Log Premium and get even more The premium edition of WP Activity Log takes WordPress user activity tracking to the next level. It comes bundled with even more features, including log mirroring, enterprise-grade support, user session management, and much more! Premium features list

• See who is logged in and monitor their current activities in real-time
• Log off any user at the click of a button
• Generate fully-configurable HTML and CSV reports for easy data analysis
• Receive email, SMS, and Slack notifications for important changes (fully configurable)
• Use search filters to fine-tune results and find what you need in seconds
• Store the activity logs in an external database to enhance security and scalability
• Mirror the activity log to log management systems such as AWS CloudWatch, Loggly, Papertrail, and others in real-time
• Mirror the logs to business communication systems like Slack
• Send a copy of your website's activity log to a log file on your web server
• Archive old activity log data to another database for improved storage and log management
• Add notes to activity log entries for better context and internal documentation

Refer to the WP Activity Log plugin features and benefits page to learn more about the benefits of upgrading to WP Activity Log Premium. 🔌 WP Activity Log third-party plugin support All WP Activity Log editions include activity tracking for third-party plugins, including (in alphabetical order):

• Advanced Custom Fields (ACF) – Log changes to post types, taxonomies, and taxonomy terms
• bbPress – Track changes to forums, topics, and bbPress settings
• Gravity Forms – Track changes to Gravity Forms settings, forms, and entries (leads)
• LearnDash – Track changes to courses, lessons, and other system changes, as well as student activity such as course, lesson, and quiz enrollments and completions.
• MemberPress – Log changes to plugin settings, memberships, payments, subscriptions, and other actions
• Multisite & management tools – Track changes across your network for MainWP, ManageWP, Modular DS, Infinite WP, WP Umbrella, WP Remote, and other multisite management plugins
• Paid Membership Pro - Log changes to membership levels, user assignments, and more. Premium users can also track order and checkout activity, and access a Members Activity panel inside each member’s profile for instant visibility into recent actions.
• RankMath – Log changes to RankMath settings, SEO configurations, and on-page SEO edits
• Redirection – Keep a log of changes to redirections and redirection groups
• Termly – Log changes to Termly settings and configurations
• WooCommerce – Keep a log of changes to store settings, orders, products, coupons, and more
• WPForms – Log changes to WPForms settings, forms, form files, and entries (leads)
• Yoast SEO – Track changes to Yoast SEO settings and on-page SEO in the Yoast SEO meta box

Extra Features for Enhanced Monitoring and Management Both free and premium editions of WP Activity Log include a number of non-logging specific features that make the plugin a complete WordPress monitoring solution. Here is what is included: Free

• Built-in support for reverse proxies and web application firewalls
• Integration with WhatIsMyIpAddress.com – get all information about an IP address with a single click
• Limit who can view the WordPress activity log by users or roles
• Enable or disable individual event IDs from the activity log
• Configurable dashboard widget highlighting the most recent critical activity
• Configurable WordPress activity log retention policies
• Display user avatars in events for better recognizability
• And much more!

Premium Everything that's included in the Free edition, plus: - Full WordPress multisite support - Create custom alerts & notifications to monitor additional functionality - Import and export plugin settings - Real-time activity log visible in the WordPress admin toolbar - And much more! 🛠️ Free and premium plugin support If you encounter any issues with the free edition of WP Activity Log, you can post and get help on the WordPress.org support forums. You can also find more technical information and plugin documentation on the Melapress knowledge base. Premium plugins include a full year of free updates and dedicated one-to-one premium email support. This means you get direct access to our support team who will assist you with any questions or issues related to the plugins. As featured on:

• Kinsta
• Pagely
• Shout Me Loud
• The Dev Couple
• WPKube
• Techwibe
• Tidy Repo
• KitPloit
• and many others.

MAINTAINED & SUPPORTED BY MELAPRESS Melapress develops high-quality WordPress management and security plugins such as Melapress Login Security, WP 2FA, and Melapress Role Editor. Browse our list of WordPress security and administration plugins to see how our plugins can help you better manage and improve the security and administration of your WordPress websites and users.

5.6.2 (2026-04-01)

• New event IDs for Learndash
• ID 11020 – A course was viewed.
• ID 11021 – A course was opened in the editor.
• ID 11215 – A lesson was viewed.
• ID 11216 – A lesson was opened in the editor.
• New functionality
• Implemented a plugin deactivation form to allow users to share their feedback.
• Plugin & functionality improvements
• Twilio and Slack API credentials (Account SID, Auth Token, Bot Token) can now be defined as PHP constants in wp-config.php. When a constant is defined, it takes priority over the value stored in the database, reducing exposure in the event of a database compromise.
• Added the seconds in the report's time column for improved precision and consistency with other export formats.
• Added enabled/disabled status meta field to plugin and theme update event IDs (5004, 5031) so users can see whether the plugin or theme was active at the time of the update.
• Improved Slack integration test button behavior: the button now correctly reflects failure when the Slack API responds with {"ok": false}, and a proper error message is shown instead of a false success indicator.
• Renamed the "Send test slack" button to "Send test Slack message". Added a warning callout when encrypted API key constants are in use, and refined other button labels and validation messages in the Slack settings UI.
• wsal_generate_reports_cron and all other WSAL custom cron events are now properly cleared on plugin deactivation, preventing WordPress from logging Cron reschedule event error: invalid_schedule errors after deactivation.
• Weekly automated reports now correctly respect the "Week Starts On" setting configured under Settings > General, ensuring reports are scheduled from the correct start day of the week.
• Reduced noise from event ID 2055 triggered during collaborative post editing (introduced in WordPress Core 7.0 beta). Events are now better filtered to avoid generating hundreds of redundant log entries during a single collaborative editing session.
• Security hardening across the plugin: fixed multiple WordPress coding standards violations, added missing direct file access protection guards, addressed unescaped output (XSS exposure), added CSRF protection to notice dismissal AJAX calls, and resolved other issues identified via a WordPress Core PCP audit.
• License declarations in classes/Helpers/ PHP file headers have been reviewed and corrected to ensure consistency with the plugin's GPL v3 license.
• Bug fixes
• Fixed: Fatal error Call to a member function get_name() on bool in WooCommerce_Sensor_Helper_Second::event_order_items_removed() when order items have no associated WooCommerce product.
• Fixed: Fatal error triggered when restoring a WooCommerce order via the admin.
• Fixed: Rank Math sensor store_old_values() and store_old_values_delete() were registered using add_action() instead of add_filter() on update_post_metadata and delete_post_metadata. Both callbacks also declared void return types and did not return $check, silently resetting the filter chain and causing short-circuits from third-party plugins (e.g. Events Calendar Pro) to be ignored.
• Fixed: PHP Warning Undefined array key "alert_id" in class-mainwp-helper.php on line 535 when using the MainWP integration.
• Fixed: Several small UI/UX issues with the settings export/import feature.
• Fixed: Removed some orphaned code leftovers from obsolete event ID 2106.
• Fixed: Added additional JS-side tag validations in the mirroring setup wizard, to prevent edge-case issues involving certain special characters.

Refer to the complete plugin changelog for more detailed information about what was new, improved and fixed in previous version updates of WP Activity Log.